Costar Group

Costar Group

Provides commercial real estate data, analytics, and marketing services.

4,700Commercial Real EstateResidentialApartmentsHospitalityIndustrialRetailOfficeMultifamilyLandInvestment SalesWebsite

Senior Offensive Security Engineer

Lead red/purple team ops, conduct penetration tests, develop exploits, mentor staff.

Arlington, Virginia, United States
Full Time
Junior (1-3 years)
-pre-employment substance abuse testing.

Job Highlights

Environment
Office Full-Time
Visa Sponsorship
-costar group does not provide visa sponsorship for this position.
Security Clearance
-pre-employment substance abuse testing.

About the Role

The Senior Offensive Security Engineer will evolve offensive security capabilities, develop test plans to validate vulnerabilities, demonstrate exploitation, and communicate findings to senior management while staying current with adversary techniques. • Lead purple‑team activities with threat management and blue teams, including adversary emulation and validation of controls. • Plan and manage external red‑team engagements with partners. • Mentor and share knowledge with offensive security team members. • Oversee internal penetration testing, acting as both performer and coach for critical infrastructure such as CI/CD systems and Active Directory.

Key Responsibilities

  • purple team
  • red team
  • pen testing
  • ci/cd security
  • mentoring
  • findings reporting

What You Bring

Candidates must hold a bachelor’s degree in a relevant field, have at least three years of offensive security experience, six years total in a technical role, relevant security certifications, and scripting/programming skills, and they will plan and execute red‑team and purple‑team scenarios. • Bachelor’s degree from an accredited, non‑profit university (preferably Computer Science or Cyber Security). • Proven commitment to prior employers. • Minimum 3 years of offensive security work (red teaming, penetration testing, vulnerability research). • At least 6 years in a technical role (security, networking, systems, or software development). • Security certification (e.g., OSEP, OSCP, CRTO, GXPN). • Scripting/programming proficiency in Bash, Python, PowerShell. • Experience planning and executing Red Team and Purple Team scenarios. • Proficiency with security tools such as NMAP, Burp Suite, Kali Linux, Bloodhound. • Experience with C2 frameworks like Cobalt Strike, Sliver, Mythic. • Knowledge of Windows Active Directory exploitation tools and techniques. • Ability to develop payloads and exploits in C, C#, or C++. • Understanding of EDR systems and evasion techniques.

Requirements

  • bachelor's
  • security cert
  • python
  • nmap
  • cobalt strike
  • red team

Benefits

CoStar provides a supportive environment with competitive compensation, professional development opportunities, and a comprehensive benefits package. • Collaborative, innovative culture. • Competitive salary with performance‑based incentives. • Tuition reimbursement and internal training. • Comprehensive medical, vision, dental, and prescription coverage. • Life, legal, and supplemental insurance. • Mental health counseling (virtual and in‑person) for individuals and families. • Commuter and parking benefits. • 401(k) with matching contributions. • Employee stock purchase plan. • Paid time off. • On‑site or reimbursed fitness center access, yoga, Peloton, personal training. • Free gourmet coffee, tea, hot chocolate, fresh fruit, and healthy snacks.

Work Environment

Office Full-Time

Apply Now